
Cisco: Web Malware Almost Doubled in Q2-2011

According to Cisco's threat report for Q2-2011, unique web malware increased in excess of twofold during the quarter, reaching 287,298 in June 2011 from 105,536 in March 2011.

The report put the average monthly web malware encounter rate during Q2-2011 at 335 encounters per enterprise, with peaks in March (455 encounters) and April (453 encounters).

On a per-seat basis, companies with 5,001-10,000 employees and those with more than 25,000 employees faced a relatively higher number of malware encounters than companies in other size segments.

The report stated that despite the rise in web malware encounters, the number of unique malware hosts and unique IP addresses remained stable from March 2011 to June 2011.

The report also states that brute-force SQL login attempts rose in Q2-2011, coinciding with SQL injection incidents and other brute-force intrusions that led to a rise in data breaches during the period.

Further, intrusion prevention system (IPS) event firings indicative of denial-of-service (DoS) attempts rose in Q2-2011. Spam volumes worldwide remained consistent throughout the first part of 2011, with a minor reduction during Q2-2011.

Advanced persistent threats (APTs) also played a crucial role in several breaches that hit companies in Q2-2011. APTs are usually rootkit-enabled, show no evidence of infection, and generally make use of privilege escalation and other types of exploit to move through the compromised network. Malware used in this kind of attack can circumvent signature detection and other standard kinds of security protection. Consequently, APTs are hard to detect; active, ongoing analysis of in-house security data sources and network traffic is needed instead.

Gavin Reid, manager of the Computer Security Incident Response Team at Cisco, stated that organizations have to remain more careful and vigilant regarding APT attacks, as reported by eweek.com on August 1, 2011.

Given that APTs are designed to stay out of the reach of detection, security experts at Cisco advised netizens to remain watchful in order to block any suspicious activity.